1. Field of the Invention
The present invention relates to an authentication apparatus and authentication method for authenticating an individual to be authenticated (authenticatee) using biometric information of the authenticatee, such as the face, fingerprint, iris, or the like.
2. Description of the Related Art
Authentication systems in which an individual is authenticated by using biometric information of the individual, such as the face, fingerprint, iris, or the like are proposed. An authentication system that performs authentication based on an ID card is also proposed. In the system, an individual is authenticated through the steps of: recording in advance biometric information of an individual and ID information for identifying the individual on an ID card including an IC chip; reading out the biometric information and ID information from the ID card; obtaining biometric information of the authenticatee through imaging, or the like; and matching the newly obtained biometric information with the registered biometric information read out from the ID card.
In the mean time, biometric characteristics of a human being may change as age progresses or due to, for example, a surgical operation, so that the biometric information that indicates the biometric characteristics of the individual is not always the same. Further, biometric information may be influenced by the environmental conditions under which the biometric information is obtained. For example, if the biometric information is to be obtained through imaging, the imaging conditions may influence the biometric information. Consequently, the authentication system that uses biometric information causes a problem that an authenticatee may not sometimes be authenticated and unable to receive the intended service to be provided after successful authentication, although the authenticatee is the authentic principal who should be authenticated successfully by the system.
Here, an agent authentication method as described, for example, in Japanese Unexamined Patent Publication Nos. 2001-202494 and 2001-067523 may be used in order to avoid the problem described above. In the agent authentication method, biometric information of an agent who is authorized to use an IC card by the card holder or the principal is registered on the card in addition to biometric information of the principal, and the agent is permitted to use the card when the authentication is successfully completed by comparing the registered biometric information of the agent with that obtained at the time of the authentication.
According to such authentication method, even if the authentication of the principal is unsuccessful, if the authentication of the agent accompanying the principal is successful, the agent may receive the intended service, and the principal in turn may receive the service through the agent.
In the agent authentication method described above, it is the agent who has been actually authenticated, so that the service is basically provided only to the agent, not to the principal. Thus, the principal is unable to receive the service directly even in the case, for example, where indirect reception of the service by the principal is meaningless. Further, in the agent authentication method, the agent is allowed to use the card alone. Accordingly, the method is not suitable for use in the case where the principal does not want the card to be used by the individual other than the principal without supervision of the principal. This may include the case, for example, where the service provided is closely related to the private information of the principal.
In view of the circumstances described above, it is an object of the present invention to provide an authentication apparatus and authentication method that allows a card holder or the principal to receive the intended service to be provided after successful authentication under his/her own supervision by providing an alternative means for authenticating the principal even if initial authentication of the principal is unsuccessful.
Japanese Unexamined Patent Publication No. 2004-220206 discloses a principal authentication system, in which an authentication level of a principal is decreased according to authentication history of an associated individual associated with the principal in advance, including the time and location where the authentication information has been obtained for authenticating the associated individual. But the system does not solve the problem described above when authentication of the principal is unsuccessful. Thus, it is different from the present invention.